Multi-level authentication system with persistent integration platform

ABSTRACT

Embodiments of the present invention provide a persistent integration platform for conducting a multichannel resource transfer. In particular, the system may utilize a multi-step and multilayered authentication process across multiple disparate computing systems to complete the resource transfer process. In some embodiments, the system may utilize a persistent element which may be accessed by the user across multiple devices which aids in the resource transfer. The system may further require the user to authenticate with multiple methods across the multiple devices, which increases the security of the resource transfer process.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims priority to U.S. Provisional PatentApplication Ser. No. 62/569,032, filed Oct. 6, 2017 of the same title,the entirety of which is hereby incorporated by reference.

FIELD OF THE INVENTION

The present invention embraces a system, computer program product, andmethod for conducting a multichannel resource transfer.

BACKGROUND

Traditional resource transfers are typically completed in a single,uninterrupted session. In such scenarios, a user who begins a resourcetransfer process but wishes to suspend the process must later repeat oneor more steps in the resource transfer process in order to achievecompletion. Furthermore, gaps in the resource transfer process mayintroduce security risks arising from insufficient authenticationprocedures. Accordingly, there is a need for an efficient system thatminimizes the need to repeat steps when resuming a resource transferprocess while enhancing the security of the resource transfer process.

BRIEF SUMMARY

The following presents a simplified summary of one or more embodimentsof the invention in order to provide a basic understanding of suchembodiments. This summary is not an extensive overview of allcontemplated embodiments, and is intended to neither identify key orcritical elements of all embodiments, nor delineate the scope of any orall embodiments. Its sole purpose is to present some concepts of one ormore embodiments in a simplified form as a prelude to the more detaileddescription that is presented later.

The present invention provides a persistent integration platform whichstores user data on resource transfers. The data may include the statusof a resource transfer as well as the steps that have been completed bythe user to complete the resource transfer. The integration platform maybe accessed by a number of different types of authorized devices, whichgreatly increases the flexibility and the efficiency of the resourcetransfer system. Furthermore, the system may typically require the userto authenticate one or more times per device that is used to completeone or more steps of the resource transfer process. This in turnincreases the security of the system and also increases the confidencelevel to which the system has correctly identified the user.

Accordingly, embodiments of the present disclosure provide amulti-channel authentication system with a persistent integrationplatform. The system may comprise a communication interface; aprocessor; and a memory having executable code stored thereon. Theexecutable code, when executed by the processor, causes the processor todetect that a user has accessed an entity computing system; authenticatethe user via the entity computing system using a first authenticationmethod; retrieve, from a resource transfer server, data associated withthe user; based on the data associated with the user, prompt the user toinitiate a resource transfer process; detect that the user wishes tosuspend the resource transfer process; generate a data record of theresource transfer process within a persistent element of the resourcetransfer server; detect that the user wishes to resume the resourcetransfer process via a user computing system; and authenticate the uservia the user computing system using a second authentication method.

In some embodiments, the first authentication method is different fromthe second authentication method.

In some embodiments, the executable code further causes the processor todetect that the resource transfer process requires additionalauthentication credentials; and authenticate the user using a thirdauthentication method.

In some embodiments, the third authentication method is different fromthe first authentication method and the second authentication method.

In some embodiments, wherein the first authentication method comprisesverification using a PIN, wherein the second authentication methodcomprises verification using a username and password.

In some embodiments, the third authentication method comprisesverification using biometric data.

In some embodiments, the executable code further causes the processor toprefill customer information for the resource transfer process.

Embodiments of the present disclosure also provide a computer programproduct for multi-channel authentication with a persistent integrationplatform. The computer program product may comprise at least onenon-transitory computer readable medium having computer-readable programcode portions embodied therein, the computer-readable program codeportions comprising an executable portion for detecting that a user hasaccessed an entity computing system; an executable portion forauthenticating the user via the entity computing system using a firstauthentication method; an executable portion for retrieving, from aresource transfer server, data associated with the user; an executableportion for, based on the data associated with the user, prompting theuser to initiate a resource transfer process; an executable portion fordetecting that the user wishes to suspend the resource transfer process;an executable portion for generating a data record of the resourcetransfer process within a persistent element of the resource transferserver; an executable portion for detecting that the user wishes toresume the resource transfer process via a user computing system; and anexecutable portion for authenticating the user via the user computingsystem using a second authentication method.

In some embodiments, the first authentication method is different fromthe second authentication method.

In some embodiments, the computer-readable program code portions furthercomprise an executable portion for detecting that the resource transferprocess requires additional authentication credentials; and anexecutable portion for authenticating the user using a thirdauthentication method.

In some embodiments, the third authentication method is different fromthe first authentication method and the second authentication method.

In some embodiments, the first authentication method comprisesverification using a PIN, wherein the second authentication methodcomprises verification using a username and password.

In some embodiments, the third authentication method comprisesverification using biometric data.

Embodiments of the present disclosure also provide acomputer-implemented method for multi-channel authentication with apersistent integration platform. The method may comprise detecting thata user has accessed an entity computing system; authenticating the uservia the entity computing system using a first authentication method;retrieving, from a resource transfer server, data associated with theuser; based on the data associated with the user, prompting the user toinitiate a resource transfer process; detecting that the user wishes tosuspend the resource transfer process; generating a data record of theresource transfer process within a persistent element of the resourcetransfer server; detecting that the user wishes to resume the resourcetransfer process via a user computing system; and authenticating theuser via the user computing system using a second authentication method.

In some embodiments, the first authentication method is different fromthe second authentication method.

In some embodiments, the method further comprises detecting that theresource transfer process requires additional authenticationcredentials; and authenticating the user using a third authenticationmethod.

In some embodiments, the third authentication method is different fromthe first authentication method and the second authentication method.

In some embodiments, the first authentication method comprisesverification using a PIN, wherein the second authentication methodcomprises verification using a username and password.

In some embodiments, the third authentication method comprisesverification using biometric data.

In some embodiments, the method further comprises prefilling customerinformation for the resource transfer process.

The features, functions, and advantages that have been discussed may beachieved independently in various embodiments of the present inventionor may be combined with yet other embodiments, further details of whichcan be seen with reference to the following description and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Having thus described embodiments of the invention in general terms,reference will now be made to the accompanying drawings, wherein:

FIG. 1 depicts an operating environment, in accordance with oneembodiment of the present invention;

FIG. 2 depicts a block diagram illustrating the resource transferserver, the user computing system, the entity computing system, and thethird party computing system in more detail, in accordance with oneembodiment of the present invention; and

FIG. 3 depicts a process flow for conducting a resource transfer processthrough a persistent integration platform, in accordance with oneembodiment of the present invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Embodiments of the present invention will now be described more fullyhereinafter with reference to the accompanying drawings, in which some,but not all, embodiments of the invention are shown. Indeed, theinvention may be embodied in many different forms and should not beconstrued as limited to the embodiments set forth herein; rather, theseembodiments are provided so that this disclosure will satisfy applicablelegal requirements. Like numbers refer to elements throughout. Wherepossible, any terms expressed in the singular form herein are meant toalso include the plural form and vice versa, unless explicitly statedotherwise. Also, as used herein, the term “a” and/or “an” shall mean“one or more,” even though the phrase “one or more” is also used herein.

“Entity” as used herein may refer to an individual or an organizationthat owns and/or operates a system of networked computing devices and/orsystems on which the resource transfer system is implemented. The entitymay be a business organization, a non-profit organization, a governmentorganization, and the like. In some embodiments, the entity may be afinancial institution.

“User” as used herein may refer to an individual who may utilize thesystem to send digital resource requests. Typically, the user isauthorized by the entity to access the system. Accordingly, the user maybe a customer of an entity who owns an account within the entity'ssystem. In other embodiments, the user may be a potential customer ofthe entity. In some embodiments, the user may be an employee,administrator, or representative of the entity.

“Computing system” as used herein may refer to a networked computingdevice within the entity system. The computing system may include aprocessor, a non-transitory storage medium, a communications device, anda display. The computing system may support user logins and inputs fromany combination of similar or disparate devices. Accordingly, thecomputing system may be a portable electronic device such as asmartphone, tablet, or laptop, or the computing system may be astationary unit such as a desktop computer or server. In someembodiments, the computing system may be a computer located on theentity's premises, such as a workstation, an ATM, a networked terminal,and the like.

“Account” as used herein may refer to a personalized record kept withinan entity on behalf of a user. Each account is associated with aspecific authorized user and contains information on resources owned bythe user and held by the entity.

“Resource” as used herein may refer to an object under the ownership ofa user which is stored or maintained by the entity on the user's behalf.The resource may be intangible or tangible objects such as data files,documents, biographical data, funds, and the like. Typically, the user'saccount contains records of the resources owned by the user. Accountdata may be stored in an account database within the entity's systems.

Embodiments of the present invention provide a system, computer programproduct, and method for conducting a multichannel resource transfer. Inparticular, the system may utilize a multi-step and multilayeredauthentication process across multiple disparate computing systems tocomplete the resource transfer process. In some embodiments, the systemmay utilize a persistent element which may be accessed by the useracross multiple devices which aids in the resource transfer. Forinstance, the resource transfer process may be started on a firstcomputing system, which may be a stationary networked terminal. At thispoint, the system may authenticate the user using a first method. Oncethe user has been authenticated by the first method, a record of theresource transfer may be created within the persistent element. Therecord may contain, for example, data on the steps of the resourcetransfer which have already been completed by the user. The user maythereafter access the persistent element through a second computingsystem, such as a user device, to resume the resource transfer andcomplete the remaining steps as necessary.

In an exemplary embodiment, a user may enter authentication credentialsat an ATM. The system may, via the ATM, provide the user an option tocomplete a resource transfer, such as a transfer of documents needed fora credit card application. Upon receiving a selection of the option bythe user, the system may store a record of the selection within thepersistent element, which may be a digital cart. The digital cart maystore the steps of the application process that have been completed bythe user at the ATM. Upon detecting that the user has left the ATM (e.g.by using location data, by detecting that the user has concludedtransacting with the ATM, by using NFC technology, and the like), theATM may push the digital cart to a number of computing systemsassociated with the user. In some embodiments, said computing systemassociated with the user may be a personal computing device such as atablet, smartphone, laptop, desktop computer, and the like. In otherembodiments, the computing system associated with the user may be aterminal within the entity's premises, such as a computer within abranch location operated by the entity. Through said computing system,the user may access the digital cart to complete the applicationprocess. When the user attempts to access the digital cart using saidcomputing system, the system may request further authenticationcredentials from the user. In some embodiments, the furtherauthentication credentials may be different from the authenticationcredentials requested by the ATM. Once the system has received thefurther authentication credentials, the system to the user an option tocontinue the application process. In this way, the system provides anexpedient and secure way to transfer resources.

The system as disclosed herein offers a number of technologicaladvantages over traditional methods of conducting resource transfers.Authenticating the user multiple times by using a multitude ofauthentication methods across the resource transfer process greatlyincreases the confidence level to which the user's identity is correctlyverified by the system. Furthermore, allowing the resource transferprocess to be resumed across disparate devices reduces the need torestart the resource transfer process from the beginning upon switchingdevices, thereby preventing the waste of various computing resources,which may include processing power, memory space, storage space, cachespace, electric power, networking bandwidth, and the like.

FIG. 1 is a block diagram illustrating an operating environment, inaccordance with one embodiment of the present invention. The operatingenvironment may include a resource transfer server 100 in operativecommunication with a user computing system 110, an entity computingsystem 120, and a third party computing system 130 over a network 180.The network 180 may, for example, be a global area network (GAN), suchas the Internet, a wide area network (WAN), a local area network (LAN),or any other type of network or combination of networks. The network 180may provide for wireline, wireless, or a combination wireline andwireless communication between the various devices and computing systemson the network 180.

The resource transfer server 100 comprises the hardware and softwarenecessary to run the multichannel resource transfer system, whichcoordinates the resource transfer process amongst the user computingsystem 110, the entity computing system 120, and the third partycomputing system 130 through an API. Typically, the resource transferserver 100, the user computing system 110, the entity computing system120, and the third party computing system 130 are owned and operated byan entity or a user. Accordingly, it should be understood by those ofordinary skill in the art that the various devices and computing systemsas depicted herein may be embodied in a single device or computingsystem or multiple devices and/or computing systems operativelyconnected to one another in a distributed fashion. For instance, theresource transfer server 100 as depicted herein may be owned andoperated by a first entity and comprise a series of computing systemsacting in parallel to execute the functions of the resource transferserver 100. The resource transfer server 100 may contain a commondigital platform that may be accessed from a plurality of differentchannels.

The entity computing system 120 may be a computer that is owned andoperated by an entity. In an exemplary embodiment, the entity may be afinancial institution and the entity computing system 120 may be an ATM.The entity computing system 120 may be configured to detect the identityof the user for authentication purposes. In some embodiments, the usermay have an account with the entity or be a client of the entity. Insuch embodiments, the entity computing system 120 may query the resourcetransfer server 100 for information associated with the user. The entitycomputing system 120 may prompt the user to provide authenticationcredentials, such as login information, a PIN, password, and the like.The entity computing system 120 may further be configured toauthenticate the user by biometric means, such as a retinal scan, facialrecognition, and the like. Once the user has been authenticated, theentity computing system 120 may, based on the user's identity, promptthe user to conduct a resource transfer. In some embodiments, theresource transfer may be the provision of documents to the entity for acredit card application. The entity computing system 120, based on itscommunications with the resource transfer server 100, may preapprove theuser for the credit card and present the offer to the user accordingly.In other embodiments, the user may be a potential client of the entitywho has downloaded an application on the user computing system 110. Insuch embodiments, the entity computing system 120 may be configured toquery the user computing system 110 for information associated with theuser, which may be accomplished through the Internet, NFC, WiFi,Bluetooth, IR, and other similar communications technologies. In someembodiments, the user may wish to temporarily pause the credit cardapplication process and finish it at a later time on a different device.In such embodiments, the entity computing system 120 may store the stateof the application associated with the user within a persistent element,such as a digital cart. In some embodiments, the digital cart may bestored on the resource transfer server 100. In this way, the user isable to access the persistent cart on a different device to complete theapplication process. Typically, the user will complete the process onthe user computing system 110. In other embodiments, the user mayutilize a second entity computing system 120, such as a computer locatedon the entity's premises.

The user computing system 110 is typically owned and operated by a user.In some embodiments, the user computing system 110 may be a portabledevice such as a smartphone, tablet, PDA, smart device, laptop, and thelike. The entity computing system 120 may detect the user computingsystem 110 is located in close proximity to the entity computing system120, which may be accomplished by GPS, NFC, WiFi, and the like. Theentity computing system 120 may then query the user computing system 110to determine that an application provided by the entity is installed onthe user computing system 110. If the user has begun the resourcetransfer process at the entity computing system 120 and has indicatedthat the user wishes to complete the process at a later time, the entitycomputing system 120 may be configured to push the data within thedigital cart to the user computing system 110. Thereafter, the user mayaccess the application provided by the entity on the user computingsystem 110, where the application may ask for further authenticationcredentials from the user. In some embodiments, the furtherauthentication credentials may be different from the authenticationcredentials requested by the entity computing system 120, which mayinclude voice recognition, fingerprint data, secure tokens, and thelike. In this way, the user is provided with a convenient way tocomplete resource transfers, and the entity is provided with a higherdegree of security and confidence that the user has been correctlyidentified.

The third party computing system 130 may be owned and operated by asecond entity that is involved in the resource transfer process. Thethird party computing system 130 may contain information associated withthe user. For instance, the third party computing system 130 may beowned and operated by a credit reporting agency which possess data onthe user's credit history. In other embodiments, the third partycomputing system 130 may be owned and operated by real estate orautomotive broker companies, from which the resource transfer server 100scrapes data to provide targeted offers to the user.

FIG. 2 is a block diagram illustrating the resource transfer server 100,the user computing system 110, the entity computing system 120, and thethird party computing system 130 in more detail, in accordance with oneembodiment of the present invention. The resource transfer server 100typically contains a processor 220 communicably coupled to such devicesas a communication interface 210 and a memory 230. The processor 220,and other processors described herein, typically includes circuitry forimplementing communication and/or logic functions of the multichannelresource transfer system. For example, the processor 220 may include adigital signal processor device, a microprocessor device, and variousanalog to digital converters, digital to analog converters, and/or othersupport circuits.

The resource transfer server 100 may use the communication interface 210to communicate with other devices over the network 180. Thecommunication interface 210 as used herein may include an Ethernetinterface, an antenna coupled to a transceiver configured to operate ona cellular data or WiFi signal, and/or a near field communication(“NFC”) interface.

The resource transfer server 100 may include a memory 230 operativelycoupled to the processor 220. As used herein, memory includes anycomputer readable medium (as defined herein below) configured to storedata, code, or other information. The memory may include volatilememory, such as volatile Random Access Memory (RAM) including a cachearea for the temporary storage of data. The memory may also includenon-volatile memory, which can be embedded and/or may be removable. Thenon-volatile memory can additionally or alternatively include anelectrically erasable programmable read-only memory (EEPROM), flashmemory or the like. An entity server application 250 may be storedwithin the memory 230 of the resource transfer server 100. Whenexecuted, the entity server application 250 may securely communicatewith the user computing system 110, entity computing system 120, and thethird party computing system 130 and provide a common digital platformfrom which resource transfers may be started and resumed at any pointand from any device to which the user has authenticated access. Ahistorical database 240 may be stored within the memory 230, where thehistorical database 240 may include data associated with theinteractions of the system with the user computing system 110, theentity computing system 120, and the third-party computing system 130.The memory 230 may store a data analytics engine, which reads thehistorical data within the historical database 240 to predict futureactions taken by the user computing system 110 and/or the entitycomputing system 120 and provide recommendations to the useraccordingly. Typically, the resource transfer server 100 is owned and/oroperated by a first entity such as a financial institution whichprovides services to the various parties.

The user computing system 110 may comprise a communication interface211, a processor 221, and a memory 231 having an entity user application241 stored thereon. The entity user application 241 is typically anapplication provided by the entity to allow the user to access theresource transfer server 100 to begin, continue, and complete resourcetransfers regardless of which device was used to begin the process. Assuch, the user computing system 110 is owned and operated by the user,who is typically a client or potential client of the entity. The usercomputing system may further comprise a user interface 251 operativelycoupled to the processor 221. The user interface 251 may comprise anumber of input and output devices to interact with the user.Accordingly, the user interface 251 may comprise a number of inputdevices such as touchscreens, microphones, cameras, keyboards, keypads,motion sensors, and the like, and/or a number of output devices such aselectronic displays, speakers, projectors, and the like. The userinterface 251 may further comprise implements to receive authenticationdata from the user, such as biometric fingerprint readers, voicerecognition software, facial recognition software, and the like.

The entity computing system 120 typically includes a processor 222operatively coupled to a communication interface 212 and a memory 232.The memory 232 may contain an entity client application 242 which causesthe processor 323 to interact with the user through the user interface252, which may include various input devices and output devices asdescribed above. The user interface 252 may further include variousimplements to authenticate the user, as described above. Typically, theentity computing system 120 is owned and/or operated by the first entity(i.e. the entity that owns and operates the resource transfer server100) and is located on the entity's premises. The entity clientapplication 242 may comprise the application code needed for the user261 to access the entity server application 250. Typically, the user 261completes at least a portion of a resource transfer at the entitycomputing system 120. In an exemplary embodiment, the entity computingsystem 120 may be an ATM, which may prompt the user 261 forauthentication credentials, such as a PIN, password, voice command,biometric data, and the like. Once the user 261 has been authenticated,the system may query the historical database 240 within the resourcetransfer server 100 to determine an offer that is appropriate for theuser 261. For instance, the system may determine that the user 261 is inthe market to buy a house. The system may then, upon determining thatthe user 261 is eligible for a preapproved mortgage loan, offer to startthe loan process at the ATM. Once the user accepts the offer, theapplication is stored to on the resource transfer server 100 within apersistent digital cart. The digital cart also tracks the status of theapplication, which may include the steps that have been completed andthe steps remaining in the loan application process. In this way, theuser 261 is able to resume the application on the user computing system110 or another authorized device at a later time.

The third party computing system 130 typically includes a processor 223operatively coupled to a communication interface 213 and a memory 233having a third party database 243 stored thereon. Typically, the thirdparty computing system 130 is owned and/or operated by a second entity,such as a broker or a credit reporting agency. The third party database243 may store account data associated with the user. In an exemplaryembodiment, the second entity may be a real estate listing agency whichpossesses data on potential properties that the user may be interestedin purchasing. In such embodiments, the resource transfer server 100 mayquery the third party database 243 to retrieve said user-related data totailor the mortgage loan offer accordingly.

FIG. 3 illustrates a process flow for conducting a resource transferprocess through the persistent integration platform, in accordance withone embodiment of the present invention. The process begins at block300, where the system detects that the user has accessed the entitycomputing system. In an exemplary embodiment, the user may be conductinga transaction at an ATM. In some embodiments, the user may have providedinput to the ATM, such as by touching the touchscreen or keypad/keyboardinputs. In other embodiments, the user may have triggered a motionsensor, camera, or microphone that detects the user's presence. In yetother embodiments, the ATM may detect the presence of the user bydetecting a mobile device carried by the user, such as through GPScollocation, NFC, WiFi, and other technologies.

The process continues to block 301, where the system authenticates theuser using a first authentication method. At this step, the system mayattempt to determine the identity of the user, which may include whetherthe user is a customer of the entity. Accordingly, the ATM may requestauthentication credentials from the user, which may include a PIN,password, voice command, biometric fingerprint data, and the like. TheATM may further gather authentication data through means such as facialrecognition, a secured token on the user's mobile device, scanning theuser's identification card, and the like. Once the user has beenauthenticated and/or identified, the system may detect that the user isa client of the entity.

The process continues to block 302, where the system retrieves from theresource transfer server, over a network, data associated with the user.Typically, the user is a client of the entity. In this scenario, thesystem has direct access to the client's information, such as accountdata, biographical information, spending habits, behaviors, and thelike. The system may retrieve such data from the entity's servers toprovide a more streamlined experience to the user when conductingresource transfers. In other embodiments, the system may detect that theuser is not a client of the entity. In such a scenario, the system mayretrieve data associated with the user from one or more third partyservers, which may include real estate or vehicle listing services,credit reporting agencies, and the like.

The process continues to block 303, where the system, based on the dataassociated with the user, prompts the user to initiate a resourcetransfer process. In an exemplary embodiment, the resource transferprocess may be a transfer of necessary information from the user to thesystem in order to complete a credit card application. The user may,based on the information provided by the user and retrieved from theentity's servers and/or third party servers, make recommendations forproducts and/or services offered by the entity that may be of interestto the user. The prompt/offer may be presented to the user through anoutput device within or connected to the ATM, such as an illuminateddisplay. The user may then be able to provide input to accept or rejectthe offer, such as by touchpad, keypad, voice commands, and the like. Ifthe user accepts the offer, the ATM may initiate the application processby pre-filling certain required information based on the user's input aswell as data retrieved from the entity's servers and/or third partyservers.

The process continues to block 304, where the system detects that theuser wishes to suspend the transfer process. In some circumstances, theapplication process may require additional information or documents thatthe user may not be able to provide in a timely manner when conductingtransactions at the ATM. Accordingly, the ATM may display an option tothe user to save the application for completion at a later time. Inother embodiments, the ATM may, based on the nature of the application,automatically save the application for completion at a later time bypushing the application to the user's mobile computing system.

The process continues to block 305, where the system generates a datarecord of the resource transfer process within the persistent element ofthe resource transfer server. Typically, the persistent element is adigital cart stored within the entity's servers. The data record withinthe digital cart may be pushed to the user's mobile device forcompletion of the application at a later time. This digital cart createsa persistent integration platform which allows the user to complete theapplication on a multitude of disparate devices and channels; becausethe digital cart is accessible centrally, the user need not at any pointrestart any portion of the application process, which prevents the wasteof computing resources associated with the duplication of steps in theapplication.

The process continues to block 306, where the system detects that theuser wishes to resume the transfer process using a user computingsystem. In some embodiments, the user computing system may be a mobiledevice such as a smartphone or tablet. In other embodiments, the usercomputing system may be a device such as a desktop or laptop computer.The system may detect that the user has attempted to access the entity'sservers using the user computing system. In some embodiments, the usermay have attempted to resume the process through a third partyapplication such as a web browser. In other embodiments, the user mayattempt to resume the application process via the entity userapplication provided by the entity.

The process concludes at block 307, where the system authenticates theuser using a second authentication method. Typically, the system willrequire the user to provide authentication credentials in addition tothe credentials provided by the user when initiating the resourcetransfer. For instance, if the user provided a PIN at the ATM, the usermay be required to provide a password or biometric thumbprint to resumethe application process. As another example, if the user has provided apassword at the ATM, the user may be prompted to provide facialrecognition data, secured tokens, and the like. In some embodiments, thesystem may require that the second authentication method is differentfrom the first authentication method. In this way, the system is able tosignificantly increase the confidence level to which the system is ableto correctly identify the user. This greatly increases the security ofthe resource transfer system and reduces the incidence of wastedcomputing resources associated with correcting incorrectidentifications.

In some embodiments, the confidence level to which the system is able tocorrectly identify the user may change depending on the type of resourcetransfer process. For instance, the number and/or type of credentialsrequired may increase as the loan amount of the application increases.In an exemplary embodiment, the system may detect that the resourcetransfer process requires additional credentials (e.g., in addition tothe credentials provided by the user). In such embodiments, the systemmay authenticate the user using a third (or fourth, or so on)authentication method which may be different from the first and secondauthentication methods.

Each communication interface described herein generally includeshardware, and, in some instances, software, that enables the computersystem, to transport, send, receive, and/or otherwise communicateinformation to and/or from the communication interface of one or moreother systems on the network. For example, the communication interfaceof the user input system may include a wireless transceiver, modem,server, electrical connection, and/or other electronic device thatoperatively connects the user input system to another system. Thewireless transceiver may include a radio circuit to enable wirelesstransmission and reception of information.

As will be appreciated by one of ordinary skill in the art, the presentinvention may be embodied as an apparatus (including, for example, asystem, a machine, a device, a computer program product, and/or thelike), as a method (including, for example, a business process, acomputer-implemented process, and/or the like), or as any combination ofthe foregoing. Accordingly, embodiments of the present invention maytake the form of an entirely software embodiment (including firmware,resident software, micro-code, and the like), an entirely hardwareembodiment, or an embodiment combining software and hardware aspectsthat may generally be referred to herein as a “system.” Furthermore,embodiments of the present invention may take the form of a computerprogram product that includes a computer-readable storage medium havingcomputer-executable program code portions stored therein.

As the phrase is used herein, a processor may be “configured to” performa certain function in a variety of ways, including, for example, byhaving one or more general-purpose circuits perform the function byexecuting particular computer-executable program code embodied incomputer-readable medium, and/or by having one or moreapplication-specific circuits perform the function.

It will be understood that any suitable computer-readable medium may beutilized. The computer-readable medium may include, but is not limitedto, a non-transitory computer-readable medium, such as a tangibleelectronic, magnetic, optical, infrared, electromagnetic, and/orsemiconductor system, apparatus, and/or device. For example, in someembodiments, the non-transitory computer-readable medium includes atangible medium such as a portable computer diskette, a hard disk, arandom access memory (RAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), a compact discread-only memory (CD-ROM), and/or some other tangible optical and/ormagnetic storage device. In other embodiments of the present invention,however, the computer-readable medium may be transitory, such as apropagation signal including computer-executable program code portionsembodied therein.

It will also be understood that one or more computer-executable programcode portions for carrying out the specialized operations of the presentinvention may be required on the specialized computer includeobject-oriented, scripted, and/or unscripted programming languages, suchas, for example, Java, Perl, Smalltalk, C++, SAS, SQL, Python, ObjectiveC, and/or the like. In some embodiments, the one or morecomputer-executable program code portions for carrying out operations ofembodiments of the present invention are written in conventionalprocedural programming languages, such as the “C” programming languagesand/or similar programming languages. The computer program code mayalternatively or additionally be written in one or more multi-paradigmprogramming languages, such as, for example, F#.

Embodiments of the present invention are described above with referenceto flowcharts and/or block diagrams. It will be understood that steps ofthe processes described herein may be performed in orders different thanthose illustrated in the flowcharts. In other words, the processesrepresented by the blocks of a flowchart may, in some embodiments, be inperformed in an order other that the order illustrated, may be combinedor divided, or may be performed simultaneously. It will also beunderstood that the blocks of the block diagrams illustrated, in someembodiments, merely conceptual delineations between systems and one ormore of the systems illustrated by a block in the block diagrams may becombined or share hardware and/or software with another one or more ofthe systems illustrated by a block in the block diagrams. Likewise, adevice, system, apparatus, and/or the like may be made up of one or moredevices, systems, apparatuses, and/or the like. For example, where aprocessor is illustrated or described herein, the processor may be madeup of a plurality of microprocessors or other processing devices whichmay or may not be coupled to one another. Likewise, where a memory isillustrated or described herein, the memory may be made up of aplurality of memory devices which may or may not be coupled to oneanother.

It will also be understood that the one or more computer-executableprogram code portions may be stored in a transitory or non-transitorycomputer-readable medium (e.g., a memory, and the like) that can directa computer and/or other programmable data processing apparatus tofunction in a particular manner, such that the computer-executableprogram code portions stored in the computer-readable medium produce anarticle of manufacture, including instruction mechanisms which implementthe steps and/or functions specified in the flowchart(s) and/or blockdiagram block(s).

The one or more computer-executable program code portions may also beloaded onto a computer and/or other programmable data processingapparatus to cause a series of operational steps to be performed on thecomputer and/or other programmable apparatus. In some embodiments, thisproduces a computer-implemented process such that the one or morecomputer-executable program code portions which execute on the computerand/or other programmable apparatus provide operational steps toimplement the steps specified in the flowchart(s) and/or the functionsspecified in the block diagram block(s). Alternatively,computer-implemented steps may be combined with operator and/orhuman-implemented steps in order to carry out an embodiment of thepresent invention.

While certain exemplary embodiments have been described and shown in theaccompanying drawings, it is to be understood that such embodiments aremerely illustrative of, and not restrictive on, the broad invention, andthat this invention not be limited to the specific constructions andarrangements shown and described, since various other changes,combinations, omissions, modifications and substitutions, in addition tothose set forth in the above paragraphs, are possible. Those skilled inthe art will appreciate that various adaptations and modifications ofthe just described embodiments can be configured without departing fromthe scope and spirit of the invention. Therefore, it is to be understoodthat, within the scope of the appended claims, the invention may bepracticed other than as specifically described herein.

INCORPORATION BY REFERENCE

To supplement the present disclosure, this application furtherincorporates entirely by reference the following commonly assignedpatent applications:

U.S. Patent Application Docket Number Ser. No. Title Filed On8103US1.014033.3311 To be assigned PERSISTENT Concur- INTEGRATION rentlyPLATFORM FOR herewith MULTI-CHANNEL RESOURCE TRANSFERS

What is claimed is:
 1. A multi-channel authentication system with apersistent integration platform, the system comprising: a communicationinterface; a processor; and a memory having executable code storedthereon, wherein the executable code, when executed by the processor,causes the processor to: detect that a user has accessed an entitycomputing system; authenticate the user via the entity computing systemusing a first authentication method; retrieve, from a resource transferserver, data associated with the user; based on the data associated withthe user, prompt the user to initiate a resource transfer process;detect that the user wishes to suspend the resource transfer process;generate a data record of the resource transfer process within apersistent element of the resource transfer server; detect that the userwishes to resume the resource transfer process via a user computingsystem; and authenticate the user via the user computing system using asecond authentication method.
 2. The system of claim 1, wherein thefirst authentication method is different from the second authenticationmethod.
 3. The system of claim 1, wherein the executable code furthercauses the processor to: detect that the resource transfer processrequires additional authentication credentials; and authenticate theuser using a third authentication method.
 4. The system of claim 3,wherein the third authentication method is different from the firstauthentication method and the second authentication method.
 5. Thesystem of claim 1, wherein the first authentication method comprisesverification using a PIN, wherein the second authentication methodcomprises verification using a username and password.
 6. The system ofclaim 2, wherein the third authentication method comprises verificationusing biometric data.
 7. The system of claim 1, wherein the executablecode further causes the processor to prefill customer information forthe resource transfer process.
 8. A computer program product formulti-channel authentication with a persistent integration platform, thecomputer program product comprising at least one non-transitory computerreadable medium having computer-readable program code portions embodiedtherein, the computer-readable program code portions comprising: anexecutable portion for detecting that a user has accessed an entitycomputing system; an executable portion for authenticating the user viathe entity computing system using a first authentication method; anexecutable portion for retrieving, from a resource transfer server, dataassociated with the user; an executable portion for, based on the dataassociated with the user, prompting the user to initiate a resourcetransfer process; an executable portion for detecting that the userwishes to suspend the resource transfer process; an executable portionfor generating a data record of the resource transfer process within apersistent element of the resource transfer server; an executableportion for detecting that the user wishes to resume the resourcetransfer process via a user computing system; and an executable portionfor authenticating the user via the user computing system using a secondauthentication method.
 9. The computer program product of claim 8,wherein the first authentication method is different from the secondauthentication method.
 10. The computer program product of claim 8, thecomputer-readable program code portions further comprising: anexecutable portion for detecting that the resource transfer processrequires additional authentication credentials; and an executableportion for authenticating the user using a third authentication method.11. The computer program product of claim 10, wherein the thirdauthentication method is different from the first authentication methodand the second authentication method.
 12. The computer program productof claim 8, wherein the first authentication method comprisesverification using a PIN, wherein the second authentication methodcomprises verification using a username and password.
 13. The computerprogram product of claim 9, wherein the third authentication methodcomprises verification using biometric data.
 14. A computer-implementedmethod for multi-channel authentication with a persistent integrationplatform, the method comprising: detecting that a user has accessed anentity computing system; authenticating the user via the entitycomputing system using a first authentication method; retrieving, from aresource transfer server, data associated with the user; based on thedata associated with the user, prompting the user to initiate a resourcetransfer process; detecting that the user wishes to suspend the resourcetransfer process; generating a data record of the resource transferprocess within a persistent element of the resource transfer server;detecting that the user wishes to resume the resource transfer processvia a user computing system; and authenticating the user via the usercomputing system using a second authentication method.
 15. Thecomputer-implemented method of claim 14, wherein the firstauthentication method is different from the second authenticationmethod.
 16. The computer-implemented method of claim 14, the methodfurther comprising: detecting that the resource transfer processrequires additional authentication credentials; and authenticating theuser using a third authentication method.
 17. The computer-implementedmethod of claim 16, wherein the third authentication method is differentfrom the first authentication method and the second authenticationmethod.
 18. The computer-implemented method of claim 14, wherein thefirst authentication method comprises verification using a PIN, whereinthe second authentication method comprises verification using a usernameand password.
 19. The computer-implemented method of claim 15, whereinthe third authentication method comprises verification using biometricdata.
 20. The computer-implemented method of claim 14, the methodfurther comprising prefilling customer information for the resourcetransfer process.